SecurityNOW’s Cybersecurity Tips of the Week – March 31, 2017

TipsPasswords, they used to say, are like toothbrushes–don’t share them and change them often. Indeed that rule is still true but security is more than just changing your passwords often and keeping them to yourself. Passwords, unfortunately, are our first line of defense in protecting our online accounts, our identities, and our transactions. Passwords should be as long and as complex as possible, which is why you should use a password manager such as LastPass. LastPass will generate a random, long, and complex password that you don’t have to remember because it remembers them for you. There’s only two things you have to remember when you use LastPass: logoff of LastPass before you leave your computer and the LastPass master password.

And since passwords aren’t your only defense in this cyber-connected and unsafe world, I’m providing a list of tips to help keep you safe and secure during your online excursions. Read and heed.

  1. Use the screen lock feature of your phones, tablets, and computers.
  2. Use a random non-guessable passcode for unlocking screens.
  3. Use a password manager.
  4. Use different passwords for each online account (saved in your password manager)
  5. Install all hardware and software updates as they’re presented.
  6. Only install apps from the app store and only those that have many good reviews.
  7. Turn off tracking from your apps.
  8. Use a VPN or your cellular network in public places.
  9. Keep phone conversations private.
  10. Perform online banking in private.
  11. Use two-factor authentication on social media and financial sites.
  12. Cover your device when entering passwords.

I know these are tips that you read and hear all the time but you need to remember them at all times. There is no trusted public environment and a secured WiFi connection is no guarantee of security. Anyone can setup a WiFi connection and supply a common password to it.

If you ever have questions about cybersecurity, use our contact page to ask your questions. We will reply.

BigID CEO Dimitri Sirota Discusses GDPR (Podcast)

BigIDPreston and I had the pleasure of speaking with BigID CEO Dimitri Sirota about General Data Protection Regulation (GDPR) and what it means to American businesses. We discussed several topics surrounding compliance such as dealing with GDPR and EU businesses, costs of compliance, pain points, where to find more information, and some solutions.

The main point of GDPR is to give users control of their personal data. For one, GDPR requires explicit permission from the data owner to allow personal data to be used. GDPR also includes the right to be forgotten or erased, which is a big topic of discussion for Preston and me.

In the US, public records can be scraped by anyone with the money to pay for the service. If you don’t understand what I mean, open a browser and type in your name. Google will return a few dozen hits with links to companies that will sell all public information about you to scammers, thieves, blackmailers, and others who have less than savory intentions.

These sources have access to your home address, former addresses, family member names, ages, dates of birth, court cases, arrests, traffic violations, and much more. You’ll be shocked. I’ve attempted to remove myself from as many of these lists as possible because I feel it’s a violation of my privacy and of my right to privacy. The European Union (EU) agrees.

Podcast details:

Length: 25:44 minutes. Format: MP3. Rating: G for all audiences.

I have to apologize for my sound quality. It only affected my microphone. My gain was too high. Preston and I didn’t discover the problem until after the interview, which is really too late to do anything about it. I tried to fix it but had little luck in doing so. We have since resolved the issue.

Enjoy and stay secure.

Enterprise Security Trends with Absolute’s Richard Henderson (Podcast)

AbsolutePreston and I discussed security trends with Absolute‘s Global Security Strategist, Richard Henderson (@richsentme) on St. Patrick’s Day eve. Unfortunately, the whole thing took place via Skype rather than at Doolin’s. Hey, some people work for a living and can’t always get to the fun right away or even on the day after. 

Some of the topics covered by our broad swipe at enterprise security trends were two-factor authentication, advanced persistent threats, SSO, and insider threats. We also touched on Absolute’s strategy for protecting you, your applications, and your entire enterprise from security threats.

Richard is one of the best guests we’ve ever had on the show and we hope that he’ll return to discuss Absolute’s products in more depth and to discuss other timely security topics.

Podcast details:

Length: 23:46 minutes. Format: MP3. Rating: G for all audiences.

Remember, our podcasts are licensed CC BY.

March 2017 – Cybersecurity Spring Cleaning Month

Cybersecurity Spring CleaningPreston and I discuss doing some cybersecurity spring cleaning. This podcast lists some areas of security you might not have considered while doing your spring cleaning–but you should. We cover software updates, public WiFi and its dangers, app security and private information, in-app purchases, saved credit card information, and webcam paranoia.

Don’t miss this important podcast that will help you prevent theft and protect your privacy.

Podcast details:

Length: 19:51 minutes. Format: MP3. Rating: G for all audiences.

Copyright 2017 SecurityNOW Open Source License: CC BY

March 2017 Week 2 – Week in Review

Security LeaksThis week Preston and I discuss Wikileaks and the CIA hacks, personal privacy, Consumer Reports’ new reviews that cover security, and a few other current topics. Preston and I offer our opinions on these current topics. If yours differ from ours, please contact us for an interview. We interview C-level executives, industry experts, and security professionals. We have some really exciting interviews coming up in the next few weeks that you won’t want to miss.

Podcast details:

Length: 20:06 minutes. Format: MP3. Rating: G for all audiences.

Stay tuned for our monthly topical podcast that covers Cybersecurity Spring Cleaning. That podcast will be available on March 15.

March 2017 Week 1 in Review (Podcast)

CybersecurityPreston and I got together to talk about March 1-5 2017. It wasn’t a full week but it was the first week of March, so we’re calling it good on that front. We discussed our podcast with Morey Haber of BeyondTrust and the worst breaches of 2016; current scams including the malware package that you can purchase for $400, well, the equivalent of $400 in Bitcoin that is; the current lack of fidelity in our awesome Oklahoma state’s cybersecurity website; the cybersecurity crisis as described by Symantec CEO Greg Clark; the fact that 39 percent of North Americans have been affected by cybersecurity breaches, and a few other topics of interest.

We also included some practical takeaways for you to use in meeting your own cybersecurity needs. Keeping yourself safe is more than just having a fancy password; it also means that you need to be vigilant in checking your surroundings when typing PINs, entering passwords into your phone or personal computer, and protecting your credit card information.

Complacency and negligence are the two biggest vulnerabilities in security. There’s this “air of trust” and there really shouldn’t be. You don’t have to be fully paranoid but a little paranoia and a lot of vigilance will help keep you safe–not only in the online world but also in the real world. For physical security, you should always be aware of your surroundings. Lock your doors, lock your windows, and have your key ready when you get to your door.

Podcast details:

Length: 17:36 minutes. Format: MP3. Rating: G for all audiences.

Thanks for reading and for listening. Please give us feedback and any topics of interest or companies you’d like to hear about.

The Worst Cybersecurity Breaches of 2016 (Podcast)

BeyondTrustPreston and I interviewed Morey Haber, BeyondTrust’s VP of Technology, and discussed 2016’s top five cybersecurity breaches. If you’d like to read more about Morey’s information on these breaches, check out his blog post, “The 5 Worst Breaches of 2016 – and What to Expect in 2017.

In our podcast, we cover the worst breaches plus additional content related to how to protect yourself from such breaches. Morey also mentions how BeyondTrust’s products can help protect you and your data.

Podcast details:

Length: 21:30 minutes. Format: MP3. Rating: G for all audiences.

Be sure to check out BeyondTrust’s security products.